Get the most out of your Centmin Mod LEMP stack
Become a Member

Install Questions for George/eva2000's install choices

Discussion in 'Install & Upgrades or Pre-Install Questions' started by smallbibi, Jun 11, 2019 at 9:04 PM.

  1. smallbibi

    smallbibi New Member

    3
    0
    1
    Tuesday
    Ratings:
    +0
    Local Time:
    3:09 PM
    Hi eva, I have some questions and I hope I can glean some knowledge off you :D

    1. Why use csf instead of directly using iptables/fail2ban? I understand that they are basically the same thing, but are there inherent advantages to using csf?
    2. Based off the php compression modules and dual ssl certs I assume you either don't use or don't like cloudflare? Can you share what are the things that are bad about cloudflare?
    3. Is there a reason why you still use php 7.2? I am going to assume you use wordpress, and personally I have never had anything break on wordpress because I was using php 7.3 and not 7.2
     
  2. eva2000

    eva2000 Administrator Staff Member

    40,188
    8,888
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,697
    Local Time:
    5:09 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    CSF interface is much easier than iptables for noobies i.e. to ban an ip it's just
    Code (Text):
    csf -d ipaddress

    to whitelist ip it's just
    Code (Text):
    csf -a ipaddress

    also there's advance blocklists you can configure and other country level blocks and native fail2ban functionality
    No i use both cloudflare and centmin mod features - which is optimal so cloudflare talks to centmin mod origin via ecdsa ssl certificate/ciphers SSL - Cloudflare - Improving Cloudflare Connections To Origin Server - Use ECDSA SSL Certs

    wider compatibility with web app's addons and plugins - core maybe PHP 7.3 supported but plugin/addons may not be.
     
  3. eva2000

    eva2000 Administrator Staff Member

    40,188
    8,888
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,697
    Local Time:
    5:09 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  4. smallbibi

    smallbibi New Member

    3
    0
    1
    Tuesday
    Ratings:
    +0
    Local Time:
    3:09 PM
    Thanks for your reply. Now I see why you choose to use dual ssl certs. However, do you disable the cloudflare minifying/compressing etc. options on wordpress sites? Based on some of your posts I've read it seems like you use cache enabler + autoptimize and centminmod uses things like gzip and brotli compression already.
     
  5. eva2000

    eva2000 Administrator Staff Member

    40,188
    8,888
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,697
    Local Time:
    5:09 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    yeah i disable those on cloudflare end - you'd need to test your specific site to see which performs better minify css/js on cloudflare vs centmin mod nginx origin end but i keep compression on cloudflare side. Don't confuse minify vs compression gzip/brotli
     
..